Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 357

by JesseMcDonald (#48929037) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Oh how about a new protocol extension that allows one designated program to receive all keyboard inputs regardless of any other grabs. The X11 server can keep on pretending that the other grabbers still have such a grab.

I'm not really sure how creating yet another way for a "designated program" to monitor input events is supposed to address the problem that any X11 client can monitor keyboard events on any window in the absence of a grab, unless you intend to rewrite all existing software to grab the keyboard on receiving input focus, and force all the desktop environments to implement support for the extension and move their global keybindings into a specially designated client. At that point you might was well switch to a system designed for secure I/O from day one—like Wayland.

Look: X11 works on Windows even though windows can apparently REALLY gab the keyboard. X11 will we are told work on Wayland too despite the fact that wayland can apparently REALLY grab they keyboard. Do you really think it couldn't be extended to do that itself?

It's no different with a rootless X server on Windows. Input received by any X window can be observed by any X client, unless one client grabs the input. XWayland will probably work the same way, with native Wayland clients secure from each other and from X11 clients but no isolation between X11 clients and no support for grabbing input directed at non-X11 windows. XWayland is meant as a shim between the Wayland compositor and ordinary X clients; it doesn't support external window managers and isn't expected to host a full X11 desktop environment. You wouldn't run something like a screen locker as an X11 client under XWayland. It wouldn't be secure, for the same reasons that screen lockers aren't secure under X11 now, and similar compatibility problems would occur if you tried to implement the Wayland input model with X11 extensions.

It's easy to implement the insecure X11 model on top of a secure system. The reverse is much more difficult.

Comment: Re: If it's accessing your X server, it's elevated (Score 2) 357

by JesseMcDonald (#48928091) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Some other window most likely does have the keyboard focus, but that's not the same as grabbing the keyboard. Having the focus doesn't prevent input events from also being delivered to other windows, it just tells the non-focused windows to ignore the events. Integrity and privacy for both input and output is a hard problem and something very few windowing systems manage to get right. The solutions tend to involve some degree of inconvenience for the user.

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 357

by JesseMcDonald (#48927973) Attached to: Why Screen Lockers On X11 Cannot Be Secure

What exactly would you propose to add? This isn't a matter of implementing new functionality, but rather removing fundamental misfeatures. Any change to address this issue is going to end up breaking existing applications which depend on the original input behavior.

In any case this is hardly the only reason to switch to Wayland. It's just one of many areas which highlights the drawbacks of trying to tack modern best practices on top of an aging framework. Better to adopt a clean and modern design as the base and confine the hackish workarounds needed to support older clients to a separate compatibility layer.

Comment: Re:If it's accessing your X server, it's elevated (Score 5, Informative) 357

by JesseMcDonald (#48926131) Attached to: Why Screen Lockers On X11 Cannot Be Secure

I'm not familiar with writing apps for X, but are you saying that every program that displays a window in X can log all keystrokes including in windows that are not associated with that program?

Yes. This isn't just X, by the way; it's a common design across most operating systems. Any client can register to receive keyboard and mouse input regardless of the current focus, unless another client has already "grabbed" the input device. This is how things like global keybindings are typically implemented. Windows used for password entry (including lock screens) can grab the keyboard to prevent other programs from listening in. The problem is that this only works if no other program has already grabbed the keyboard.

Secure input handling is one of the many reasons why everyone is eventually planning to switch to Wayland. Under Wayland, only the compositor has access to the raw input or the ability to inject simulated input events. The compositor manages any global keybindings and forwards the remaining events exclusively to the active window.

Comment: Re:Now using TOR after WH threats to invade homes (Score 1) 281

by JesseMcDonald (#48919029) Attached to: EFF Unveils Plan For Ending Mass Surveillance

If you are calling trying to stop things like the Charlie Hebdo a Nanny State then I think your definitions are a bit off.

The concept of the "Nanny State" is more about means than ends. If a state's approach to "protecting" people involves restricting their freedom, then it's a Nanny State. The goal is laudable, but does not justify the means.

Comment: Re:lol (Score 1) 322

It's just like handing over keys to a storage cabinet you own. There's no Fifth Amendment protection here. You aren't being forced to testify against yourself.

You're assuming that they already know that you have the keys. If they don't know that, then demanding that you open the cabinet amounts to a call for self-incrimination—not because of the contents per se, but because it would show that you had access to the contents. (Perhaps you received a locked cabinet with no key, and have no idea what may be inside.)

Similarly, if they haven't already shown that you have access to the social media account in question, then simply revealing that you know the password would be self-incrimination. Perhaps someone else set up the account in an attempt to frame you.

Comment: Re:If I were a kid in that school district... (Score 1) 322

If they know that an account was used for cyber-bullying, but don't know for sure that it was you using the account, revealing that you know the password would already be self-incrimination. You don't need to make up a convoluted password in order to plead the 5th.

Comment: Re:Wackadoddle (Score 1) 666

by JesseMcDonald (#48871501) Attached to: US Senate Set To Vote On Whether Climate Change Is a Hoax

Timezones exist because the world is curved around the axis of rotation, meaning that the angle to the Sun varies according to one's longitude. If the world were flat, but still rotating so as to allow for day and night, then the Sun would be at (very nearly) the same angle to the ground everywhere, and thus the time should be the same everywhere.

Unless there are people living on the back of the plane, that is, in which case there would be two diametrically opposed timezones rather than the continuous variation you get with a sphere or cylinder.

Comment: Re:Quite possibly the stupidest vulnerability ever (Score 2) 118

by JesseMcDonald (#48629551) Attached to: Grinch Vulnerability Could Put a Hole In Your Linux Stocking

Please; this had nothing to do with systemd. It's about PackageKit, which has been around for quite a bit longer. The problem is with the part of their PackageKit configuration which apparently allows administrators to install software without authenticating first. It's rather like putting the line

%wheel ALL = (root) NOPASSWD: /usr/bin/yum

in your sudoers file. PolicyKit can also be configured to require authentication for each action, it just wasn't set up that way on their system. There's nothing wrong with identifying the members of the "wheel" group as administrators, but the policies should be configured such that administrators need to authenticate prior to installing new software. (This seems to be the default on CentOS 6.4; I have no idea what they were running. "pkcon install" does not work by default here without authentication, even for a member of the "wheel" group.)

Comment: Re:Good, let them. (Score 1) 388

by JesseMcDonald (#48622101) Attached to: Sony Leaks Reveal Hollywood Is Trying To Break DNS

They can very easily block anything that is not in plain text.

You can put whatever data you want inside a "plain text" message. Even under wartime conditions where all messages in and out are reviewed by actual humans, people still manage to get secrets through—and that approach doesn't scale. Any automated Internet censorship system (short of shutting down the Internet entirely) would leak like a sieve.

Comment: Re:The issue was raised before. (Score 1) 688

by JesseMcDonald (#48619297) Attached to: Economists Say Newest AI Technology Destroys More Jobs Than It Creates

You can, however, mine iron more efficiently if you have plenty of information at hand regarding the locations of the richest deposits, the latest mining techniques, and the state of the futures markets. The same goes for crops—better information regarding the health of your fields, meteorological forecasts, market conditions, and the latest agricultural developments all make for higher yields, and that's before you even consider the information-heavy R&D required for modern GMO crops.

Rapid worldwide information networks take the guesswork out of the economy, so that you don't spend months mining iron ore or growing crops only to discover when you finally deliver your finished product to market half a world away that the demand lies elsewhere. Producers can find out about changes in supply and demand as they occur and adjust their investments accordingly. That alone is a major development in its own right.

Comment: Re:Time for modern analog formats (Score 1) 433

by JesseMcDonald (#48604365) Attached to: Vinyl Record Pressing Plants Struggle To Keep Up With Demand

What is the guarantee your digital format will be readable after 100 years?

Provided there's still anyone who cares about the data after 100 years, I'd say the odds of it surviving completely intact are fairly good, especially if you use the space recovered through digital compression to store error-correcting codes. It's unlikely that we'd forget how to decode popular formats like MP3, FLAC or JPEG in such a short time, absent a global catastrophe of sufficient order to drive the entire human race back into the stone age.

I'll admit that analogue still images do have digital beat in one area, ease of access. For all its faults, at least film doesn't need a complicated decoder; just shine some light on it (or through it). Of course, that only works because you're not operating anywhere near the limits of your storage medium. How many analog images do you think you can fit in 15x11mm? My comparatively cheap 32GB micro-SD card can hold around 3,000 8MP raws (~10MB each), which is pushing the limits of consumer optics. With reasonable compression you could easily double that. At that scale I think you'd need a bit more than just a magnifying glass to see the individual images.

My response was really to this line, however:

But, we could do things with equally modern analog technology that would blow digital out of the water.

Any "modern analog technology" can be exploited for the storage of digital data, and thus benefits digital at least as much as analog. Analog is never going to "blow digital out of the water". It has its niche areas, like archival film for ease of access, and loses to digital everywhere else regardless of the recording technology.

Comment: Re:Time for modern analog formats (Score 1) 433

by JesseMcDonald (#48602249) Attached to: Vinyl Record Pressing Plants Struggle To Keep Up With Demand

You could use those same materials to store digital versions of the media far more compactly, with equivalent quality. Even lossless audio compression (FLAC) would reduce the amount of material required by 40-50%; the benefits are greater for video, much less something like a hologram. (Yes, you can store holograms digitally.)

Raw signals contain a lot of redundancy. Any real-world signal can be converted losslessly between analog and digital; a prime advantage of the digital representation is that it can be processed to remove that redundancy. Also, near-ideal filters can be implemented much more easily as DSP programs than as networks of analog components.

Comment: Re:No (Score 2) 1051

Non-action can never count as causing harm. The villains in this story are the diseases, not the unvaccinated. It's great that you want to fight diseases, but if your particular method of fighting disease requires others to undergo a medical procedure, that has to be their choice. You need to persuade them to cooperate; they've done nothing to justify the use of force against them.

Of course, this is all tied up with the taxation and mandatory education requirements (which, needless to say, are immoral to start with regardless of the vaccination issue). By accepting tax subsidies and requiring attendance the public schools have forfeited any right they might have otherwise had to turn anyone away. Their mandate is to provide education, not enforce vaccination.

Comment: Re:freedom 2 b a moron (Score 1) 1051

Ergo, if you don't want to vaccinate your child you're free to do that, but be prepared to pay for private education.

The problem for the most part isn't the need to pay for a private education, it's that you are made to pay for both. You're still forced to pay for a public education even though your kids aren't eligible to attend. Without those taxes, the cost of attending a private school would be far less onerous. It's not like the private schools are that much more expensive to run; they just aren't subsidized the way the public schools are.

Education should be treated as just another cost of raising a child, to be paid for by the parents, no different keeping the child fed and clothed and under shelter. In cases of genuine hardship—as opposed to negligent planning—the parent can apply for charitable assistance, which may come with strings attached, such as vaccination and parental participation.

If this is a service economy, why is the service so bad?